2. ISO 9001:2015 is published by ISO technical
committee (TC) ISO/TC 176, sub-committee
2.
When the standard was revised and updated
in 2015 the TC prepared some guidance
documents to help organizations and
companies implement the revised version of
the standard.
3. This revision is not a revolution but it is
evolutionary process
And this ISO 9001:2015 is very much focused
on the performance
4. Increased prominence of services .(Also
there is a general perception that the old
standard is leaned towards manufacturing)
Globalization (Integration of products
and ideas from all parts of the world made
possible by technology)
Cont..
5. More complex supply chain (sub-suppliers,
suppliers, organization, distributors,
wholesalers, online sellers, customer, etc.)
Increased interested parties’ expectations
Improvement of Information technology &
Electronic Medium
6. Enhanced leadership involvement
in the management system
Risk-based thinking
Simplified language, common structure and
terms
Aligning QMS policy and objectives with the
strategy of the organization
7.
8. Focus on achieving planned results
Flexibility for documented information
Improved risk control
Better process control leading to improved
results
Improved customer satisfaction
Customer retention and loyalty
Improved image and reputation
Greater credibility
9. A new common format has been developed
All ISO management systems standards
will look the same with the same
structure (some deviations)
More efficient to address multiple management
system requirements
Provides the option of integrating
management systems
Standardized core definitions
10. ISO has just completed work to provide
identical structure, text and common terms
and definitions for management system
standards of the future.
Both ISO 9001 and ISO 14001 revised
standards followed the new outline
11. All technical committees developing management system
standards have to follow Annex SL in the new consolidated
ISO Supplement
High level structure :
Clause 1 - Scope
Clause 2 - Normative references
Clause 3 - Terms and definitions
Clause 4 - Context of the organization
Clause 5 - Leadership
Clause 6 - Planning
Clause 7 - Support
Clause 8 - Operation
Clause 9 - Performance evaluation
Clause 10 - Improvement
12. 1. Structure and terminology
2. Products and services
3. Understanding the needs and
expectations of interested parties
4. Risk-based thinking
5. Applicability
6. Documented information
7. Organizational knowledge
8. Control of externally provided processes,
products and services
13. The clause structure (i.e. clause sequence)
and some of the terminology of this Standard
have been changed to improve alignment
with other management systems standards.
The structure of clauses is intended to
provide a coherent presentation of
requirements, rather than a model for
documenting an organization’s policies,
objectives and processes.
14. ISO 9001:2008 ISO 9001:2015
Products Products and services
Exclusions Not used
(See Clause A.5 for clarification of
applicability)
Management representative Not used
(Similar responsibilities and authorities are
assigned
but no requirement for a single management
representative)
Documentation, quality
manual, documented
procedures,
records
Documented information
Work environment Environment for the operation of processes
Monitoring and measuring
equipment
Monitoring and measuring resources
Purchased product Externally provided products and services
15. ISO 9001:2008 used the term “product” to
include all output categories.
This edition of this International Standard
uses “products and services”. “Products and
services” include all output categories
(hardware, services, software and processed
materials).
16.
17. Sub clause 4.2 specifies requirements for the
organization to determine the interested
parties that are relevant to the quality
management system and the requirements of
those interested parties.
However, 4.2 does not imply extension of
quality management system requirements
beyond the scope of this International
Standard
18. One of the key purposes of a quality
management system is to act as a preventive
tool.
Consequently, this
International Standard does not have a
separate clause or sub clause on preventive
action. The concept of preventive action is
expressed through the use of risk-based
thinking in formulating quality management
system requirements.
19. There is no requirement for formal methods
for risk management or a documented risk
management process
Organizations can decide whether or not to
develop a more extensive risk management
methodology than is required by this
International Standard, e.g. through the
application of other guidance or standards.
20. The Main Objectives of International
Standards is :
• To provide confidence in the organization’s
ability to consistently provide customers with
conforming goods and services
• To enhance customer satisfaction
The concept of “risk” in the context of the
international standards relates to the
uncertainty in achieving these objectives
21. Risk-based thinking is something we all do
automatically and often sub-consciously
The concept of risk has always been implicit in
ISO 9001 – the 2015 revision makes it more
explicit and builds it into the whole management
system
Risk-based thinking is already part of the process
approach
Risk-based thinking makes preventive action part
of the routine
Risk is often thought of only in the negative
sense. Risk-based thinking can also help to
identify opportunities. This can be considered to
be the positive side of risk
22. Identify what the risks and opportunities are
in your organization – it depends on context –
ISO 9001:2015 will not automatically require
you to carry out a full, formal risk
assessment, or to maintain a “risk register”
ISO 31000 (“Risk management — Principles
and guidelines”) will be a useful reference
(but not mandated)
23.
24. Risk Based Thinking = Preventative Action
Risk Based Thinking is everybody’ s business!
– Risk Based Thinking is not just the
responsibility of management
– Risk Based Thinking must become an
integral part of the organizational culture
25. This International Standard does not refer to
“exclusions” in relation to the applicability
of its requirements to the organization’s
quality management system.
But the organization can decide that a
requirement is not applicable if its decision
will not result in failure to achieve
conformity of products and services.
26. “Documented information” is used for all
document requirements.
Documented information is the information
required to be controlled and maintained by
an organization and the medium on which it
is contained.
27. The organization is responsible for
determining what documented information
needs to be retained, the period of time for
which it is to be retained and the media to
be used for its retention
The organization can decide whether or not
it is necessary or appropriate to maintain
documented information
28. SNo “Maintain” as Documented Information ISO 9001
Clause
1 Documented information stating the scope of
quality management system
4.3
2 Documented information to extent necessary
to support operation of processes
4.4
3 Documented information available for
quality policy
5.2.2.a
4 Documented information required by this
International Standard
7.5.1.a
5 Documented information determined by the
organization as being necessary for the
effectiveness of the quality management
system
7.5.1.b
6 Documented information of external origin
determined by the organization to be
necessary for the planning and operation of
7.5.3.2
30. Requirements regarding organizational
knowledge were introduced for the purpose of:
a) safeguarding the organization from loss of
knowledge, e.g.
— through staff turnover;
— failure to capture and share information;
b) encouraging the organization to acquire
knowledge, e.g.
— learning from experience;
— mentoring;
— benchmarking.
31. All forms of externally provided processes,
products and services are addressed in 8.4,
e.g. Whether through:
a) purchasing from a supplier;
b) an arrangement with an associate company;
c) outsourcing processes to an external
provider.
32. 1 Scope 2 Normative references 3 Terms and
definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of
interested parties
4.3 Determining the scope of the quality management
system
4.4 Quality management system and its processes
5 Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Quality objectives and planning to achieve them
6.3 Planning of changes
33. 7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Requirements for products and services
8.3 Design and development of products and
services
8.4 Control of externally provided processes,
products and services
8.5 Production and service provision
8.6 Release of products and services
8.7 Control of nonconforming outputs
34. 9 Performance evaluation
9.1 Monitoring, measurement, analysis and
evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement
35. Clause 4.1
Determine what the relevant external and
internal issues are for your organization, and
that are relevant to its strategic direction
4
Context of
organization
4.1
Understanding
context
4.2
Interested parties
4.3
Scope
4.4
QMS
36. Clause 4.2
Identify the relevant interested parties and
their relevant requirements
4
Context of
organization
4.1
Understanding
context
4.2
Interested
parties
4.3
Scope
4.4
QMS
37. Clause 4.3 and 4.4
The requirement for the scope is now better
defined, must be documented and consider:
external and internal issues
requirements of relevant interested
parties
the products and services covered (must
also be stated in scope)
allowing applicability of specific
requirements
justification for any case where a
requirement cannot be applied
(exclusion)
4
Context of
organization
4.1
Understanding
context
4.2
Interested parties
4.3
Scope
4.4
QMS
38. Clause 5.1.1
Leadership is required to ensure:
take accountability for the effectiveness of
the quality management system
ensure the quality policy and quality
objectives are compatible with the context
and strategic direction of the organization
ensure the integration of the QMS
requirements into the organization’s business
processes
promote the use of the process approach and
risk-based thinking
ensure that the QMS achieves its intended
results
engage, direct and support persons to
contribute to the effectiveness of the QMS
supporting relevant management roles
promotion of improvement
Clause 5.1.2
Top management needs to ensure customer
satisfaction through:
customer and applicable statutory and
regulatory requirements being determined and
5
Leadership
5.1
Leadership and
commitment
5.2
Policy
5.3
Organizational
roles,
responsibilities and
authorities
40. Clause 5.2
Explicit requirement to apply the policy
Clause 5.3
Explicit requirement for relevant roles to be
assigned, communicated and understood
No requirement for a specific management
representative and the responsibility now
resides with top management to assign and
manage
Requirement for defining responsibility and
authority for ensuring processes are
delivering their intended outputs
5
Leadership
5.1
Leadership and
commitment
5.2
Policy
5.3
Organizational roles,
responsibilities and
authorities
41. Clause 6.1
Considering the issues raised and relevant
interested parties’ requirements
identified (4.1 and 4.2), this clause
requires the determination of risks and
opportunities which need to be addressed,
actions to be taken and evaluation of the
effectiveness of these actions
6
Planning
6.1
Actions to address
risks and
opportunities
6.2
Objectives and
planning
6.3
Planning of changes
42. Clause 6.2
Objectives should be:
established for processes relevant to the QMS
in line with customer requirements
in line with products and services conformity
monitored, communicated & updated
6
Planning
6.1
Actions to address risks
and opportunities
6.2
Objectives and planning
6.3
Planning of changes
43. Clause 6.3
Changes to the QMS should be carried out in a
planned manner
The standard has evolved to enable
organizations to adapt to changing
environments or circumstances
Note: It is important to know that change is
addressed in the following clauses:
Clause 6.3 - Planning/implementing changes
to the QMS
Clause 7.1.6 - Organizational knowledge - for
addressing changing needs and trends, with
respect to knowledge
Clause 8.1 - Controlling operational changes,
planned and unintentional
Clause 8.5.6 - Addressing changes affecting
products & services
6
Planning
6.1
Actions to address
risk and opportunity
6.2
Objectives and
planning
6.3
Planning of changes
44. 7.1
Resources
7.3
Awareness
7.4
Communication
7.5
Documented information
7.2
Competence
7.1.4
Environment for the
operation of processes
7.1.5
Monitoring and measuring
resources
7.1.2
People
7.1.3
Infrastructure
7.1.6
Organizational knowledge
Clause 7.1
There should be adequate resources to ensure
effectiveness of the QMS. Resource considerations now
include:
internal resources
external providers
people
monitoring and measuring resources
organizational knowledge required to ensure the
processes provide conforming products and services
external communication
.
7
Support
45. 7.1
Resources
7.3
Awareness
7.4
Communication
7.5
Documented information
7.2
Competence
7.1.4
Environment for the
operation of processes
7.1.5
Monitoring and measuring
resources
7.1.2
People
7.1.3
Infrastructure
7.1.6
Organizational knowledge
Clause 7.3 and 7.4
Relevant persons doing work under the
organization’s control need to have awareness
and communication (internal and external) of
the QMS and benefits of improving performance
7
Support
46. Clause 7.5.1
Requirements that used to be required for a quality
manual have been enhanced and made more flexible to
allow for the use of documented information needed for
the quality management system
Clause 7.5.2
Enhanced requirement for the creation and updating of
documented information, e.g. description, format &
suitability
Clause 7.5.3
Control of documented information – now explicitly
includes confidentiality, integrity and access
7
Support
7.1
Resources
7.3
Awareness
7.4
Communication
7.5
Documented information
7.2
Competence
7.1.4
Environment for operation
of processes
7.1.5
Monitoring and measuring
resources
7.1.2
People
7.1.3
Infrastructure
7.1.6
Organizational knowledge
47. Clause 8.1.b
explicit requirement for establishing criteria
for processes
Clause 8.2.1
explicit considerations are now linked to:
customer communications; customer
property, and contingency actions
Clause 8.2.2
Determination of requirements; this requires
a process and is explicit with regard to
substantiating claims for products and
services being offered
8.1 Operational
planning and control
8.2 Requirements for
products and services
8.2.1 Customer
communication
8.2.2 Determination
of requirements
related to products
and services
8.2.3 Review of
requirements related
to products and
services
8 Operation
8.2.4 Changes to
requirements for
products and services
48. Clause 8.3
This section on design and development of products and
services has substantively changed and simplified:
Clause 8.3.2
Design and development has been restructured to
allow for a more process orientated approach
Involvement of customers and users as part of design
planning to be considered
Clause 8.3.3
Design and development inputs – explicit
requirements for internal and external resource
needs, potential consequences of failure, level of
control expected by customers
Clause 8.3.4
Design and development controls – new clause
combining Reviews, Verification & Validation
8 Operation
8.3.6 Design and
development changes
8.3 Design and
development of
products and services
8.3.1 General
8.3.2 Design and
development planning
8.3.3 Design and
development inputs
8.3.4 Design and
development controls
8.3.5 Design and
development outputs
49. Clause 8.4
The terms which previously referred to purchasing and
‘outsourcing’ is now ‘Control of externally provided
processes, products and services’
Clause 8.4.1
Conditions are applied when controls are required for
externally provided processes, products and service
Terminology has changed from ‘supplier’ to ‘external
provider’
Clause 8.4.2
Type and extent of control of external provision
previous notes in 4.1 (ISO 9001:2008) now turned into
requirements
Clause 8.4.3
Information for external providers are now more
detailed and explicit
8.4 Control of externally
provided processes
products and services
8.4.1 General
8.4.2 Type and extent of
control
8.4.3 Information for
external providers
8 Operation
50. Clause 8.5.1
This clause specifically considers:
monitoring and measurement activities will
ensure the control of processes and output
(clauses 8.2.3 and 8.2.4 of ISO 9001:2008
have been moved to 8.5.1)
acceptance criteria for products and
services are met
the use, and control of suitable
infrastructure and process environment
suitable monitoring and measuring resources
Requires competent persons
8.5.3 Property
belonging to
customers or
external providers
8.5 Production and
service provision
8.5.1 Control of
production and
service provision
8.5.2 Identification
and traceability
8.5.6 Control of
changes
8.5.4 Preservation
8.5.5 Post-delivery
activities
8 Operation
51. Clause 8.5.2
The identification and traceability now focus on
‘outputs’ rather than on ‘product’ (includes
intermediate products and services) rather than on
‘product’
Clause 8.5.3
Customer property has been expanded to include
external providers’ property
Clause 8.5.4
Preservation of product has been changed to
preservation of the output
Clause 8.5.5
Post-delivery activities is a new clause
Clause 8.5.6
A new requirement for the control of changes is
addressed in the slide introducing the concept of
change
8.5 Production and
service provision
8.5.1 Control of
production and service
provision
8.5.2 Identification and
traceability
8.5.6 Control of changes
8.5.5 Post-delivery
activities
8.5.3 Property belonging
to customers or external
providers
8.5.4 Preservation
8 Operation
52. Clause 8.6
The release of products and services is now
part of the operational requirements
Clause 8.7
The control of nonconforming output is
more explicit; it now considers the options
to apply correction and corrective action
Nonconforming product changed to
nonconforming output
8.6 Release of
products and
services
8.7 Control of
nonconforming
outputs
8 Operation
53. Clause 9.1.1
In 8.1 ISO 9001:2008 (clause 8.1) there
was a requirement for planning. This is
replaced with identifying what needs
monitoring and measuring, and the
methods to be used
Clause 9.1.3
There are specific requirements for
analysis and evaluation when using
results as inputs to management review
Effective implementation of planning
and actions to address risks and
opportunities are new requirements in
this clause
9
Performance
evaluation
9.2
Internal audit
9.3
Management review
9.1.2
Customer satisfaction
9.1.3
Analysis and evaluation
9.1.1
General
9.1
Monitoring, measurement,
analysis and evaluation
54. Clause 9.2
Internal audit program now has explicit considerations for:
quality objectives, customer feedback and changes
impacting the organization; management responsibility for
action is now implicit whereas previously this was explicit
An auditor is now required to be impartial versus in the
previous version they could not audit their own work
Clause 9.3
There are now additional requirements for management
review. These include:
changes in external and internal issues (such as strategic
direction)
performance concerning external providers
adequacy of resources for effective QMS and effectiveness of
actions taken addressing risks & opportunities
Clause 9.3.1
Management reviews should be aligned to the strategic
direction of the organization
Clause 9.3.3
Management review outputs have been enhanced to include
many of the new areas of focus
9
Performance
Evaluation
9.1
Monitoring,
measurement, analysis
and evaluation
9.2
Internal audit
9.3
Management review
9.1.2
Customer satisfaction
9.1.3
Analysis and evaluation
9.3.1
General
9.3.3
Management review
output
9.3 .2
Management review input
55. Clause 10.1
This clause is new, it addresses more comprehensive
opportunities for improvement; not only continual improvement
Addresses improvement of products and services and future
needs and expectations
Emphasis is now on improving processes to prevent
nonconformities and improving products and services
Clause 10.2
The nonconformity referred to in this clause concerns the entire
QMS and not specifically the products or services which are
addressed under clause 8.7
Clause 10.2.1
New emphasis is placed on nonconformity and corrective action
Consequences are now included thus actions taken now
recognize the potential occurrence of a similar nonconformity
elsewhere
Risks and opportunities now need to be updated when required
following a nonconformity
Clause 10.2.2
Documented information is now required on the nature of the
nonconformity and subsequent actions taken
Clause 10.3
Opportunities shall be addressed as part of continual
improvement
10
Improvement
10.2 Nonconformity and
corrective action
10.3
Continual improvement
10.1
General
56. Summary
Determining the organizational context enables a more
effective implementation of the quality management system
Greater emphasis on processes being managed to achieve
planned results
Alignment with strategic direction
Integration of the QMS into organization’s business processes
Determining risks and opportunities increase the effectiveness
of the organization’s QMS
Change management has been expanded to add emphasis that
the QMS should be carried out in a planned manner
The concept of organizational knowledge introduced to ensure
the organization acquires and maintains the necessary
knowledge
Communication expanded to include external
Notes de l'éditeur
Key reasons for the revision of this standard …Products – “products and services”
Note: Interested Parties: person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity
(expectations go beyond customers (i.e. owners, people in an organization, suppliers , bankers, unions, partners or society that may include competitors or opposing pressure groups).
This will ensure consistency among future and revised management system standards and make integrated use simpler. It will also make the standards easier to read and, in so doing, be understood by users.
Three management system standards have already been published in this new harmonized format with another seven on the way.
In most cases, products and services are used together. Most outputs that organizations provide to customers, or are supplied to them by external providers, include both products and services.
However, an organization can review
the applicability of requirements due to the size or complexity of the organization, the management
model it adopts, the range of the organization’s activities and the nature of the risks and opportunities
it encounters.
The controls required for external provision can vary widely depending on the nature of the processes,
products and services. The organization can apply risk-based thinking to determine the type and extent
of controls appropriate to particular external providers and externally provided processes, products
and services.